A runtime model approach for data geo-location checks of cloud services

Abstract

Organizations have to comply with geo-location policies that prescribe geographical locations at which personal data may be stored or processed. When using cloud services, checking data geo-location policies during design-time is no longer possible - data geo-location policies need to be checked during run-time. Cloud elasticity mechanisms dynamically replicate and migrate virtual machines and services among data centers, thereby affecting the geo-location of data. Due to the dynamic nature of such replications and migrations, the actual, concrete changes to the deployment of cloud services and thus to the data geolocations are not known. We propose a policy checking approach utilizing runtime models that reflect the deployment and interaction structure of cloud services and components. By expressing privacy policy checks as an st-connectivity problem, potential data transfers that violate the geolocation policies can be rapidly determined. We experimentally evaluate our approach with respect to applicability and performance using an SOA-version of the CoCoME case study.